Importing a certificate into the system-wide CA database
You can use a system-wide CA database to ensure that any applications that use the database trust any of the certificates that are stored on it. You can import the certificates that you create for SSL between the Logstash and LFA servers into this type of database. This step is optional.
About this task
To copy the certificate to the system-wide database, enter the following command:
where <cert_name> is the name of the cert that you want to import.
$ sudo cp mycert.pem /usr/share/ca-certificates/<cert_name>.crt
Add the names of the files that you import to the CA certificate configuration manually or you
can use a command.
To add the CA certificates with a command, enter the following command:
sudo dpkg-reconfigure ca-certificatesTo manually add the certificate names, edit the /etc/ca-certificates.conf file. Add the list of certificate names at the end of the code after the last hashtag (#). For example:
where <cert_name>.crt is the certificate file that you want to import.
# This file lists certificates that you wish to use or to ignore to be # installed in /etc/ssl/certs. # update-ca-certificates(8) will update /etc/ssl/certs by reading this file. # # This is autogenerated by dpkg-reconfigure ca-certificates. # certificates shoule be installed under /usr/share/ca-certificates # and files with extension '.crt' is recognized as available certs. # # line begins with # is comment. # line begins with ! is certificate filename to be deselected. # <cert_name>.crt example.com/example.com.crt
To update the system-wide database, enter the following command:
$ sudo update-ca-certificates